Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F75BA0E6F43511EFA5604F80762E951A.roa
File: F75BA0E6F43511EFA5604F80762E951A.roa (raw, json)
Hash identifier: rsfQbfAmFuYMEQgslMDddwzMcSgaC3zBzfSh8cps4iw=
Subject key identifier: ED:EA:0A:C3:1C:5F:B2:DF:44:1A:62:22:D6:12:62:D8:B4:6A:FA:EB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0162A8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F75BA0E6F43511EFA5604F80762E951A.roa
Signing time: Wed 26 Feb 2025 11:36:49 +0000
ROA not before: Wed 26 Feb 2025 11:36:45 +0000
ROA not after: Thu 19 Feb 2026 11:36:45 +0000
asID: 984
IP address blocks: 154.208.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90792 (0x162a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 11:36:45 2025 GMT
Not After : Feb 19 11:36:45 2026 GMT
Subject: CN=67befcd1-affd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a0:45:cb:4e:d0:e6:e7:17:5c:ee:01:29:ef:
61:29:e8:63:cc:2e:8f:ee:dc:10:9d:2a:45:3a:03:
59:84:86:96:c4:d2:fb:36:1d:9c:97:fd:8b:be:0a:
7e:1b:27:a2:d6:7c:9a:2b:3a:f7:f2:d6:6b:8e:39:
92:31:a3:97:80:57:c9:f1:e9:3c:a2:2b:f2:cf:1a:
09:88:d6:32:25:92:ca:fd:12:0a:b6:b1:ac:fc:23:
5b:67:a0:0c:47:d6:50:c4:3d:f1:d0:e2:5c:e5:af:
62:d2:df:bf:8d:f9:00:92:28:8a:fa:cb:9c:dd:1a:
5f:dd:94:99:0d:ae:84:58:ec:94:41:07:0b:71:54:
4f:14:fb:6a:ed:99:fd:99:5e:7a:10:3a:1c:50:68:
dd:a9:f6:d4:52:d7:38:89:36:1c:5f:ef:cb:a5:94:
35:cc:cc:ce:de:b7:eb:1e:a2:f7:30:95:b1:18:28:
5a:53:be:29:e9:53:45:cc:ba:a1:74:7a:eb:3c:77:
67:ad:b9:d4:8b:09:84:38:a1:26:f4:a1:b5:81:3d:
16:26:a3:bd:e5:b1:49:bc:7c:16:13:83:1a:e4:34:
f1:61:23:26:7e:10:0f:67:8b:be:84:98:4a:60:c2:
71:17:14:ef:60:a4:76:60:6f:70:d0:8b:83:0b:41:
91:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:EA:0A:C3:1C:5F:B2:DF:44:1A:62:22:D6:12:62:D8:B4:6A:FA:EB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F75BA0E6F43511EFA5604F80762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.99.0/24
Signature Algorithm: sha256WithRSAEncryption
69:a4:27:da:da:f1:19:a5:84:04:e2:0f:1d:fb:06:b3:59:4b:
f0:e4:49:01:96:56:68:29:58:5c:0d:30:91:b1:92:a7:85:a2:
f8:66:00:4a:9d:96:02:f8:52:ca:dd:11:4e:98:1c:33:6a:3a:
f2:ee:54:60:d9:56:56:6a:0f:30:d7:97:63:a9:a2:e4:35:66:
e0:17:9c:3f:76:ed:a3:99:f2:9e:dc:c2:93:cd:9e:74:c2:00:
3f:e8:d0:98:9a:bb:c7:83:fc:87:24:a9:81:f6:91:30:93:c6:
b8:44:50:55:ba:04:2d:09:1e:6c:c2:9a:20:96:e7:5c:81:5e:
75:35:6a:c3:8a:c9:09:1b:10:db:b4:76:a3:2c:1f:61:b5:aa:
68:38:65:9f:5f:6e:68:a4:e7:82:00:aa:ed:25:26:2d:3a:0f:
c3:bc:24:aa:a3:68:8b:b3:62:3e:98:88:70:62:2f:c6:e8:cd:
56:c5:c6:6c:94:b1:a4:ab:c6:32:fd:6e:db:47:e9:5e:e0:d1:
0f:34:27:28:38:f7:28:d5:e3:57:e2:18:8f:1d:4a:12:f2:d4:
ad:41:53:fe:6d:54:09:fa:84:7d:71:65:d2:e2:9e:e3:13:59:
43:5d:1b:70:4c:b9:b5:50:5b:01:be:07:73:71:87:94:d4:10:
30:25:75:2f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWKoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTEzNjQ1WhcNMjYwMjE5MTEzNjQ1WjAYMRYw
FAYDVQQDEw02N2JlZmNkMS1hZmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx6BFy07Q5ucXXO4BKe9hKehjzC6P7twQnSpFOgNZhIaWxNL7Nh2cl/2L
vgp+Gyei1nyaKzr38tZrjjmSMaOXgFfJ8ek8oivyzxoJiNYyJZLK/RIKtrGs/CNb
Z6AMR9ZQxD3x0OJc5a9i0t+/jfkAkiiK+suc3Rpf3ZSZDa6EWOyUQQcLcVRPFPtq
7Zn9mV56EDocUGjdqfbUUtc4iTYcX+/LpZQ1zMzO3rfrHqL3MJWxGChaU74p6VNF
zLqhdHrrPHdnrbnUiwmEOKEm9KG1gT0WJqO95bFJvHwWE4Ma5DTxYSMmfhAPZ4u+
hJhKYMJxFxTvYKR2YG9w0IuDC0GRrwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFO3q
CsMcX7LfRBpiItYSYti0avrrMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GNzVCQTBFNkY0MzUxMUVGQTU2MDRGODA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtBjMA0GCSqGSIb3DQEB
CwUAA4IBAQBppCfa2vEZpYQE4g8d+wazWUvw5EkBllZoKVhcDTCRsZKnhaL4ZgBK
nZYC+FLK3RFOmBwzajry7lRg2VZWag8w15djqaLkNWbgF5w/du2jmfKe3MKTzZ50
wgA/6NCYmrvHg/yHJKmB9pEwk8a4RFBVugQtCR5swpogludcgV51NWrDiskJGxDb
tHajLB9htapoOGWfX25opOeCAKrtJSYtOg/DvCSqo2iLs2I+mIhwYi/G6M1WxcZs
lLGkq8Yy/W7bR+le4NEPNCcoOPco1eNX4hiPHUoS8tStQVP+bVQJ+oR9cWXS4p7j
E1lDXRtwTLm1UFsBvgdzcYeU1BAwJXUv
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:21:02 2025 by rpki-client